CVE-2025-66737

Description

Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

References

https://drive.google.com/file/d/1MpxnCL4koKupqWWDmY3ljlybjIPD8ieD/view?usp=sharing

http://yealink.com

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3